Sophos hasn’t seen the Trojan used in any online attacks—it’s more a bare-bones, proof-of-concept beta program right now—but the software is pretty easy to use, and if a criminal could find a way to get a Mac user to install it, or write attack code that would silently install it on the Mac, it would give him remote control of the hacked machine.

BlackHole is a variant of a Windows Trojan called darkComet, but it appears to have been written by a different developer. The darkComet source code is freely available, so it looks like BlackHole’s author simply took that code and tweaked it so it would run on the Mac, Wisniewski said.

Mac OS X has been gaining market share on Windows lately, and that’s starting to make it a more interesting platform for criminals. Wisniewski said that while Mac malware is still very rare, he has seen another Trojan, called HellRTS, circulating on file-sharing sites for pirated Mac software.

However, researchers at security firm Intego disputed the seriousness of the Trojan, pointing out that while it makes the task of controlling an infected computer simpler for a hacker, it doesn’t make it any easier to infect a Mac in the first place.

Updated at 6:57 a.m. PT to clarify the term RAT and add information from Intego.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.